Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

mask.of.sanity writes "Researchers have developed a signature system being examined by Twitter that hold promise to cut down on the amount of fake accounts used to deliver spam and malware.
The signatures were developed during a study into the semi-underground market of fake accounts and was subsequently used by Twitter to eliminate an impressive 95 percent of several million accounts identified in the research. It applied elements like account names, the timing of the account creation, and browser identifiers to identify fake accounts. The 10-month study found that the creation of fake accounts at its peak represented 60 percent of all new accounts. (Paper here.)"

The summary is a little misleading, it quotes a "peak" of fake accounts being "60 percent of the total new Twitter accounts," but leaves out the part of the article saying that over the 10-month study, the average was fake accounts were only "about 20 percent of new Twitter account created."

TFA also stated:

The scammers had a "thorough" understanding of Twitter’s anti-scam account protections, the researchers said, allowing them to create a well-oiled and stable underground market. "Our findings show

I've not done twitter before...., so, can someone tell me why exactly people would create "fake" accounts for following themselves?

They don't create them on their own.

People like to point to # of Twitter followers as some measure of popularity.

So politicians, bloggers, and companies who want to look like more people are following them on Twitter pay a service which does this. Most of them are fake accounts which exist only to follow people and pad out their numbers.

I think it's pretty important to recognize that people are scum often enough that you can predict when a popular service is out there, someone will attempt to game it in some way to defraud or otherwise deceive others for personal gain.

Sadly, some people call this "doing business." I simply can't agree with the morality, but I can't reject the reality of the situation.

There's nothing wrong with doing business. Scamming occurs when one party in the negotiation (could be solicitor in some cases, but more often is the customer) leaves the exchange feeling jilted, decieved so as to give one party unfair advantage, or outright robbed.

Any business exchange where one party is not completely honest is suspect. Twitter is perfect for dishonesty because it's just a name on a screen that can be spoofed, hijacked, and misrepresented.

someone will attempt to game it in some way to defraud or otherwise deceive others for personal gain.

You understand libertarian capitalism perfectly.

There's nothing wrong with doing business. Scamming occurs when one party in the negotiation (could be solicitor in some cases, but more often is the customer) leaves the exchange feeling jilted, decieved so as to give one party unfair advantage, or outright robbed. Any business exchange where one party is not completely honest is suspect.

Exactly. Free markets work well under the right conditions, but one of the things needed for free markets to be effective is an absence of widespread deceit.

So as long as you aren't aware you're being swindled by externalized costs, it's just fine. Yes.

Externalized costs are another way in which free markets fail to work well. Basically, if somebody can offload their cost, so that they get the benefits and somebody else pays the cost, the market is no longer efficient.

Actually, Perception is a large part of the equation...if I'm healed by the power of placebo-positive thinking, I'm still healed... I got what I sought in the transaction.

Most products sold are based on this idea, and many have ethical tradeoffs... and they're perfectly legal and as long as you're happy with it as a customer, then you got your value out of it... Heck, we've sold all sorts of things to one another that are openly harmful, including fast food, daily caffeine dosages, cigarettes, gasoline for

Well, what business are we talking about, here? Buying followers to fake the popularity of your page and discovering that those "followers" are fake? Or buying mailing lists stolen by blackhats or piled by crawlers?Both cases look rather shady to me, and if someone get ripped buying drugs, he could do us all a favor and file a complaint and the closest police station...

It would be nice if online accounts like this had some sort of "longevity health" that was a function of how often they were updated (and when they were last updated). Every tweet, for example, would add some length of time onto the lifespan of an account, based on some kind of metric on how often people should be interacting with their stream (ie. 1/day or something like that).

When a user does not log into their account, a clock ticks down and when it hits zero, the account is archived and deactivated. The

People would just write scripts to automatically register any account that expires, and name-squat on them. If you know how much time it takes to disable, and you can see all their posts, you can easily write a script to do this. Someone who could do that could write a keep alive posting script. This would either be abused for impersonation of people (imagine if the email you use for your bank expires, it wouldn't be good.) or held for ransom, which are both far worse than namespacewaste.

It would be nice if online accounts like this had some sort of "longevity health" that was a function of how often they were updated (and when they were last updated). Every tweet, for example, would add some length of time onto the lifespan of an account, based on some kind of metric on how often people should be interacting with their stream (ie. 1/day or something like that).

When a user does not log into their account, a clock ticks down and when it hits zero, the account is archived and deactivated. The user can "reset" the countdown by logging into their account. And the more interacting they do while logged in the longer the countdown lasts while they are logged out.

May not be the best implementation, but it would just be nice to see some kind of auto-culling behavior on networks like these. Not just for spammers but for people who create an account, send three tweets about "what do I do on here?" and then never log in again. #namespacewaste

Various MMOs have tried this; logging, captchas, interactive buttons to push on the screen to ensure you're online and not a bot....

All that really happens is that a few lines get rewritten in a bot to make it click the right place on the screen, or log-in every 24 hours, etc.

I don't the appeal of your posts. They rarely serves any useful purpose or even seems interesting. Only times I've seen otherwise are when it serves as a kind of amusement for people too scare to actually reveal who they are.

FTFA:signatures built on elements like account names, the timing of the account creation and browser identifiers to identify fake accounts.

It would be wise for them to beta this tech first before actually implementing it full scale. For a $360M a year practice [cir.ca], there will be people who will find a way around it. Everyone thought Captcha was hackproof when it first came out and that has basically mutated into a system which can be used by neither human or machine.

I wonder what the false positive rate is for the signature system? The false negative rate is 5%. I would need to know more information before I could figure out the false positive rate and how many legitimate accounts are flagged by this system,.

The researchers obtained permission from Twitter to conduct the research but were denied by Google, Yahoo and Facebook to conduct an investigation into scam accounts over their respective networks.

So only Twitter cooperated with an independent researcher trying to identify fake accounts. There is conflict of interest here, big companies have no real incentive to crack down on fake accounts. We should really commend Twitter for being open.

If you can get 10000 followers for a few bucks, why doesn't twitter set up fake accounts, pay the people to follow that account, then assume all followers are fake and delete those accounts. They could also determine the IPs and other identifiers around those accounts and block them in the future. If they have sweat shop people doing this, then the cost of creating accounts would be higher and likely not profitable.